August 2014. A world-wide data breach was announced Tuesday August 5, 2014 in which username and password combinations as well as email addresses were stolen from over 400,000 websites. Middlesex Federal Savings is not aware that any online banking usernames or passwords were compromised.

We recommend you take the following actions to help protect your privacy:

Change your passwords periodically.

Monitor your accounts for any unusual activity.

Report suspicious transactions to us immediately.

Since this has generated so much media activity, fraudsters may send malicious emails with links pretending to offer help. These emails may try to trick you into visiting a fake website and providing your personal account information. These emails may also ask you to call a phone number and provide your account information. Be alert and use caution. Below is information that can help you identify phishing and spoofing emails.

Look at the URL closely. If you place your cursor over a link in a suspicious email, your email program most likely shows you the destination URL. DO NOT click on the link, but look closely at the URL. If a URL includes "fakewebsite.com" in its name it is leading you to an unknown site. Just because a bank or company name appears in the URL does not guarantee that the site is an official site.

Requests for personal information. We will never send you an email that request that asks you to reply with any personal information such as your social security number, or personal identification number (PIN).

Urgent appeals. We will never claim your account may be closed if you fail to confirm, verify, or authenticate your personal information via email.

Messages about system and security updates. We will never claim the need to confirm important information via email due to a system upgrade.

Offers that sound too good to be true. We will never ask you to fill out a customer service survey in exchange for money, then ask you to provide your account number so you can receive the money.

Obvious typos and other errors. These are often the mark of fraudulent emails and websites.